Update package manager instructions with community-hosted repos

Signed-off-by: Marko Mudrinić <mudrinic.mare@gmail.com>
kubernetes · Jul 26, 2023 · 79a903e · 79a903e
1 parent 5984c64
commit 79a903e
Show file tree

Hide file tree

Showing 2 changed files with 244 additions and 14 deletions.
diff --git a/content/en/docs/setup/production-environment/tools/kubeadm/install-kubeadm.md b/content/en/docs/setup/production-environment/tools/kubeadm/install-kubeadm.md
@@ -147,6 +147,58 @@ For more information on version skews, see:
 {{< tabs name="k8s_install" >}}
 {{% tab name="Debian-based distributions" %}}
 
+{{< warning >}}
+Kubernetes has two different package repositories starting from August 2023.
+The Google-hosted repository is considered deprecated and we will stop
+publishing packages to that repository starting with Kubernetes 1.30.
+The community-hosted repositories are replacement for the Google-hosted
+repository. There are some important considerations for the community-hosted
+repositories:
+
+- We strongly recommend using the community-hosted repositories especially for
+  all new setups. For existing setups, manual migration outlined in the
+  document linked below is required.
+- The community-hosted repositories contains only packages starting from
+  Kubernetes 1.24.0.
+- We have a different repository for each Kubernetes minor release.
+  Please take this into consideration when upgrading to a new minor release.
+
+For more details about community-hosted repositories, we strongly recommend
+checking out the following document: TBD
+{{< /warning >}}
+
+### Community-hosted repositories
+
+1. Update the `apt` package index and install packages needed to use the Kubernetes `apt` repository:
+
+   ```shell
+   sudo apt-get update
+   sudo apt-get install -y apt-transport-https ca-certificates curl
+   ```
+
+2. Download the public signing key for community repositories. The same signing key is used for all repositories so you can disregard the version in URL:
+
+   ```shell
+   curl -fsSL https://pkgs.k8s.io/core:/stable:/{{< param "version" >}}/deb/Release.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/kubernetes-apt-keyring.gpg > /dev/null
+   ```
+
+3. Add the appropriate Kubernetes `apt` repository. If you're using Kubernetes version different than {{< param "version" >}},
+   replace {{< param "version" >}} with the desired minor version in commands below:
+
+   ```shell
+   echo 'deb https://pkgs.k8s.io/core:/stable:/{{< param "version" >}}/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
+   ```
+
+4. Update `apt` package index, install kubelet, kubeadm and kubectl, and pin their version:
+
+   ```shell
+   sudo apt-get update
+   sudo apt-get install -y kubelet kubeadm kubectl
+   sudo apt-mark hold kubelet kubeadm kubectl
+   ```
+
+### Google-hosted repository (Deprecated)
+
 1. Update the `apt` package index and install packages needed to use the Kubernetes `apt` repository:
 
    ```shell
@@ -180,7 +232,76 @@ You can create this directory if you need to, making it world-readable but write
 
 {{% /tab %}}
 {{% tab name="Red Hat-based distributions" %}}
-```bash
+
+{{< warning >}}
+Kubernetes has two different package repositories starting from August 2023.
+The Google-hosted repository is considered deprecated and we will stop
+publishing packages to that repository starting with Kubernetes 1.30.
+The community-hosted repositories are replacement for the Google-hosted
+repository. There are some important considerations for the community-hosted
+repositories:
+
+- We strongly recommend using the community-hosted repositories especially for
+  all new setups. For existing setups, manual migration outlined in the
+  document linked below is required.
+- The community-hosted repositories contains only packages starting from
+  Kubernetes 1.24.0.
+- We have a different repository for each Kubernetes minor release.
+  Please take this into consideration when upgrading to a new minor release.
+
+For more details about community-hosted repositories, we strongly recommend
+checking out the following document: TBD
+{{< /warning >}}
+
+### Prerequisites
+
+These prerequisites must be satisfied regardless if you're using
+community-hosted or Google-hosted repositories.
+
+1. Set SELinux in the permissive mode:
+
+```shell
+# Set SELinux in permissive mode (effectively disabling it)
+sudo setenforce 0
+sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
+```
+
+  **Notes:**
+
+  - Setting SELinux in permissive mode by running `setenforce 0` and `sed ...` effectively disables it.
+    This is required to allow containers to access the host filesystem, which is needed by pod networks for example.
+    You have to do this until SELinux support is improved in the kubelet.
+
+  - You can leave SELinux enabled if you know how to configure it but it may require settings that are not supported by kubeadm.
+
+### Community-hosted repositories
+
+2. Add the Kubernetes `yum` repository. If you're using Kubernetes version different than {{< param "version" >}}, replace {{< param "version" >}} with the desired minor version in command below:
+
+```shell
+cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
+[kubernetes]
+name=Kubernetes
+baseurl=https://pkgs.k8s.io/core:/stable:/{{< param "version" >}}/rpm/
+enabled=1
+gpgcheck=1
+gpgkey=https://pkgs.k8s.io/core:/stable:/{{< param "version" >}}/rpm/repodata/repomd.xml.key
+exclude=kubelet kubeadm kubectl
+EOF
+```
+
+3. Install kubelet, kubeadm and kubectl, and enable kubelet to ensure it's automatically started on startup:
+
+   ```shell
+   sudo yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
+   sudo systemctl enable --now kubelet
+   ```
+
+### Google-hosted repository (Deprecated)
+
+2. Add the Kubernetes `yum` repository:
+
+```shell
 cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
 [kubernetes]
 name=Kubernetes
@@ -190,24 +311,17 @@ gpgcheck=1
 gpgkey=https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
 exclude=kubelet kubeadm kubectl
 EOF
+```
 
-# Set SELinux in permissive mode (effectively disabling it)
-sudo setenforce 0
-sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
+3. Install kubelet, kubeadm and kubectl, and enable kubelet to ensure it's automatically started on startup:
 
+```shell
 sudo yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
-
 sudo systemctl enable --now kubelet
 ```
 
   **Notes:**
 
-  - Setting SELinux in permissive mode by running `setenforce 0` and `sed ...` effectively disables it.
-    This is required to allow containers to access the host filesystem, which is needed by pod networks for example.
-    You have to do this until SELinux support is improved in the kubelet.
-
-  - You can leave SELinux enabled if you know how to configure it but it may require settings that are not supported by kubeadm.
-
   - If the `baseurl` fails because your Red Hat-based distribution cannot interpret `basearch`, replace `\$basearch` with your computer's architecture.
   Type `uname -m` to see that value.
   For example, the `baseurl` URL for `x86_64` could be: `https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64`.

diff --git a/content/en/docs/tasks/tools/install-kubectl-linux.md b/content/en/docs/tasks/tools/install-kubectl-linux.md
@@ -22,9 +22,20 @@ Using the latest compatible version of kubectl helps avoid unforeseen issues.
 
 The following methods exist for installing kubectl on Linux:
 
-- [Install kubectl binary with curl on Linux](#install-kubectl-binary-with-curl-on-linux)
-- [Install using native package management](#install-using-native-package-management)
-- [Install using other package management](#install-using-other-package-management)
+- [{{% heading "prerequisites" %}}](#-heading-prerequisites-)
+- [Install kubectl on Linux](#install-kubectl-on-linux)
+  - [Install kubectl binary with curl on Linux](#install-kubectl-binary-with-curl-on-linux)
+  - [Install using native package management](#install-using-native-package-management)
+  - [Community-hosted repositories](#community-hosted-repositories)
+  - [Google-hosted repository (Deprecated)](#google-hosted-repository-deprecated)
+  - [Community-hosted repositories](#community-hosted-repositories-1)
+  - [Google-hosted repository (Deprecated)](#google-hosted-repository-deprecated-1)
+  - [Install using other package management](#install-using-other-package-management)
+- [Verify kubectl configuration](#verify-kubectl-configuration)
+- [Optional kubectl configurations and plugins](#optional-kubectl-configurations-and-plugins)
+  - [Enable shell autocompletion](#enable-shell-autocompletion)
+  - [Install `kubectl convert` plugin](#install-kubectl-convert-plugin)
+- [{{% heading "whatsnext" %}}](#-heading-whatsnext-)
 
 ### Install kubectl binary with curl on Linux
 
@@ -141,6 +152,58 @@ The following methods exist for installing kubectl on Linux:
 {{< tabs name="kubectl_install" >}}
 {{% tab name="Debian-based distributions" %}}
 
+{{< warning >}}
+Kubernetes has two different package repositories starting from August 2023.
+The Google-hosted repository is considered deprecated and we will stop
+publishing packages to that repository starting with Kubernetes 1.30.
+The community-hosted repositories are replacement for the Google-hosted
+repository. There are some important considerations for the community-hosted
+repositories:
+
+- We strongly recommend using the community-hosted repositories especially for
+  all new setups. For existing setups, manual migration outlined in the
+  document linked below is required.
+- The community-hosted repositories contains only packages starting from
+  Kubernetes 1.24.0.
+- We have a different repository for each Kubernetes minor release.
+  Please take this into consideration when upgrading to a new minor release.
+
+For more details about community-hosted repositories, we strongly recommend
+checking out the following document: TBD
+{{< /warning >}}
+
+### Community-hosted repositories
+
+1. Update the `apt` package index and install packages needed to use the Kubernetes `apt` repository:
+
+   ```shell
+   sudo apt-get update
+   sudo apt-get install -y apt-transport-https ca-certificates curl
+   ```
+
+2. Download the public signing key for community repositories. The same signing key is used for all repositories so you can disregard the version in URL:
+
+   ```shell
+   curl -fsSL https://pkgs.k8s.io/core:/stable:/{{< param "version" >}}/deb/Release.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/kubernetes-apt-keyring.gpg > /dev/null
+   ```
+
+3. Add the appropriate Kubernetes `apt` repository. If you're using Kubernetes version different than {{< param "version" >}},
+   replace {{< param "version" >}} with the desired minor version in commands below:
+
+   ```shell
+   echo 'deb https://pkgs.k8s.io/core:/stable:/{{< param "version" >}}/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
+   ```
+
+4. Update `apt` package index with the new repository and install kubectl:
+
+   ```shell
+   sudo apt-get update
+   sudo apt-get install -y kubelet kubeadm kubectl
+   sudo apt-mark hold kubelet kubeadm kubectl
+   ```
+
+### Google-hosted repository (Deprecated)
+
 1. Update the `apt` package index and install packages needed to use the Kubernetes `apt` repository:
 
    ```shell
@@ -181,6 +244,54 @@ You can create this directory if you need to, making it world-readable but write
 {{% /tab %}}
 
 {{% tab name="Red Hat-based distributions" %}}
+
+{{< warning >}}
+Kubernetes has two different package repositories starting from August 2023.
+The Google-hosted repository is considered deprecated and we will stop
+publishing packages to that repository starting with Kubernetes 1.30.
+The community-hosted repositories are replacement for the Google-hosted
+repository. There are some important considerations for the community-hosted
+repositories:
+
+- We strongly recommend using the community-hosted repositories especially for
+  all new setups. For existing setups, manual migration outlined in the
+  document linked below is required.
+- The community-hosted repositories contains only packages starting from
+  Kubernetes 1.24.0.
+- We have a different repository for each Kubernetes minor release.
+  Please take this into consideration when upgrading to a new minor release.
+
+For more details about community-hosted repositories, we strongly recommend
+checking out the following document: TBD
+{{< /warning >}}
+
+### Community-hosted repositories
+
+1. Add the Kubernetes `yum` repository. If you're using Kubernetes version different than {{< param "version" >}},
+   replace {{< param "version" >}} with the desired minor version in command below:
+
+```bash
+cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
+[kubernetes]
+name=Kubernetes
+baseurl=https://pkgs.k8s.io/core:/stable:/{{< param "version" >}}/rpm/
+enabled=1
+gpgcheck=1
+gpgkey=https://pkgs.k8s.io/core:/stable:/{{< param "version" >}}/rpm/repodata/repomd.xml.key
+exclude=kubelet kubeadm kubectl
+EOF
+```
+
+2. Install kubectl using `yum`:
+
+```bash
+sudo yum install -y kubectl
+```
+
+### Google-hosted repository (Deprecated)
+
+1. Add the Kubernetes `yum` repository:
+
 ```bash
 cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
 [kubernetes]
@@ -190,6 +301,11 @@ enabled=1
 gpgcheck=1
 gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
 EOF
+```
+
+2. Install kubectl using `yum`:
+
+```bash
 sudo yum install -y kubectl
 ```